[openssl-commits] [web] master update

[Rich Salz]

The branch master has been updated
       via  22fe269070986cdb68933423044f4d126a154d0c (commit)
      from  23d754d753ebe6ed6b1ec6e8c9cecd67bdb0c6a1 (commit)


- Log -----------------------------------------------------------------
commit 22fe269070986cdb68933423044f4d126a154d0c
Author: Rich Salz <rs...@akamai.com>
Date:   Tue Aug 14 07:59:18 2018 -0400

    Add FIPS FAQ, update FIPS status.

-----------------------------------------------------------------------

Summary of changes:
 docs/faq-5-misc.txt |  7 +++++++
 docs/fips.html      | 21 ++++++++++++++-------
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/docs/faq-5-misc.txt b/docs/faq-5-misc.txt
index f2810e5..006b323 100644
--- a/docs/faq-5-misc.txt
+++ b/docs/faq-5-misc.txt
@@ -33,6 +33,13 @@ that came with the version of OpenSSL you are using. The pod 
format
 documentation is included in each OpenSSL distribution under the docs
 directory.
 
+* I need a FIPS validated offering
+
+Please see
+@@@https://www.openssl.org/docs/fips.html@@@; the OpenSSL project is no longer
+involved in private label validations nor adding platforms to the existing
+certificates.
+
 * How can I contact the OpenSSL developers?
 
 The README file describes how to submit bug reports and patches to
diff --git a/docs/fips.html b/docs/fips.html
index 5c9b3ec..7bbce9c 100644
--- a/docs/fips.html
+++ b/docs/fips.html
@@ -10,7 +10,7 @@
          <header><h2>FIPS-140</h2></header>
          <div class="entry-content">
 
-           <p>The most recent open source based validation of a cryptographic
+           <p>The current validation of a cryptographic
            module (Module) compatible with the OpenSSL 1.0.2
            is v2.0.16, FIPS 140-2 certificate <a
            
href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747";>#1747</a>.
@@ -28,6 +28,19 @@
            </p>
 
             <p>
+            Neither validation will work with any release other than 1.0.2.
+            The OpenSSL project is no longer maintaining either the 1747
+            or the 2398 module. This includes adding platforms to those
+            validations.
+            We are starting work on a new validation, after the 1.1.1
+            release completes.
+            That module will have a small set of validated operational
+            environments.
+            The OpenSSL project is no longer involved in private label
+            validations nor adding platforms to the existing certificates.
+            </p>
+
+            <p>
            Here is the complete set of files. Note that if you are interested
             in the "1747" validation, you only need the three files mentioned
             above.</p>
@@ -68,12 +81,6 @@
              source based validated module directly.  You must obtain your
              own validation.</li>
 
-              <li>None of the validations will work with OpenSSL 1.1.0 or
-              later.</li>
-
-              <li>We are starting work on a new validation based on the
-              upcoming 1.1.1 release.</li>
-
            </ul>
 
          </div>
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits